<?php

// +----------------------------------------------------------------------
// | Quotes [ 只为给用户更好的体验]**[我知道发出来有人会盗用,但请您留版权]
// +----------------------------------------------------------------------
// | Licensed ( http://www.apache.org/licenses/LICENSE-2.0 )
// +----------------------------------------------------------------------
// | Author: 零度  <2109877665@qq.com>          盗用不留版权,你就不配拿去!
// +----------------------------------------------------------------------
// | Date: 2019年08月20日
// +----------------------------------------------------------------------

//防CC模块设置
/*
		<option value="0">关闭</option>
	   <option value="1">低(推荐)</option>
	  <option value="2">中</option>
	  <option value="3">高</option>
	  
CC防护说明<br/>
高：全局使用防CC，会影响网站APP和对接软件的正常使用<br/>
中：会影响搜索引擎的收录，建议仅在正在受到CC攻击且防御不佳时开启<br/>
低：用户首次访问进行验证（推荐）<br/>
*/
define('CC_Defender', 1);//防护等级

header('Cache-Control: no-store, no-cache, must-revalidate');
error_reporting(0);
header('Pragma: no-cache');
error_reporting(0);
if (($is_defend==true || CC_Defender==3)) {
    if ((!isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH'])!='xmlhttprequest')) {
        include_once(SYSTEM_ROOT . 'txprotect.php');
    }
    if ((CC_Defender==1 && check_spider()==false)) {
    }
    if (((CC_Defender==1 && check_spider()==false) || CC_Defender==3)) {
        cc_defender();
    }
}
function x_real_ip()
{
    $ip = $_SERVER['REMOTE_ADDR'];
    if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match_all("#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#s", $_SERVER['HTTP_X_FORWARDED_FOR'], $matches)) {
        foreach ($matches[0] as $xip) {
            if (!preg_match("#^(10|172\.16|192\.168)\.#", $xip)) {
                $ip = $xip;
            } else {
            }
        }
    } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (isset($_SERVER['HTTP_CF_CONNECTING_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CF_CONNECTING_IP'])) {
        $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
    } else {
        if ((isset($_SERVER['HTTP_X_REAL_IP']) && preg_match("/^([0-9]{1,3}\.){3}[0-9]{1,3}$/", $_SERVER['HTTP_X_REAL_IP']))) {
            $ip = $_SERVER['HTTP_X_REAL_IP'];
        }
    }
    return $ip;
}
function check_spider()
{
    $useragent = strtolower($_SERVER['HTTP_USER_AGENT']);
    if (strpos($useragent, 'baiduspider')!==false) {
        return 'baiduspider';
    }
    if (strpos($useragent, 'googlebot')!==false) {
        return 'googlebot';
    }
    if (strpos($useragent, '360spider')!==false) {
        return '360spider';
    }
    if (strpos($useragent, 'soso')!==false) {
        return 'soso';
    }
    if (strpos($useragent, 'bing')!==false) {
        return 'bing';
    }
    if (strpos($useragent, 'yahoo')!==false) {
        return 'yahoo';
    }
    if (strpos($useragent, 'sohu-search')!==false) {
        return 'Sohubot';
    }
    if (strpos($useragent, 'sogou')!==false) {
        return 'sogou';
    }
    if (strpos($useragent, 'youdaobot')!==false) {
        return 'YoudaoBot';
    }
    if (strpos($useragent, 'robozilla')!==false) {
        return 'Robozilla';
    }
    if (strpos($useragent, 'msnbot')!==false) {
        return 'msnbot';
    }
    if (strpos($useragent, 'lycos')!==false) {
        return 'Lycos';
    }
    if (!strpos($useragent, 'ia_archiver')===false) {
    } elseif (!strpos($useragent, 'iaarchiver')===false) {
        return 'alexa';
    }
    if (strpos($useragent, 'archive.org_bot')!==false) {
        return 'Archive';
    }
    if (strpos($useragent, 'sitebot')!==false) {
        return 'SiteBot';
    }
    if (strpos($useragent, 'gosospider')!==false) {
        return 'gosospider';
    }
    if (strpos($useragent, 'gigabot')!==false) {
        return 'Gigabot';
    }
    if (strpos($useragent, 'yrspider')!==false) {
        return 'YRSpider';
    }
    if (strpos($useragent, 'gigabot')!==false) {
        return 'Gigabot';
    }
    if (strpos($useragent, 'wangidspider')!==false) {
        return 'WangIDSpider';
    }
    if (strpos($useragent, 'foxspider')!==false) {
        return 'FoxSpider';
    }
    if (strpos($useragent, 'docomo')!==false) {
        return 'DoCoMo';
    }
    if (strpos($useragent, 'yandexbot')!==false) {
        return 'YandexBot';
    }
    if (strpos($useragent, 'sinaweibobot')!==false) {
        return 'SinaWeiboBot';
    }
    if (strpos($useragent, 'catchbot')!==false) {
        return 'CatchBot';
    }
    if (strpos($useragent, 'surveybot')!==false) {
        return 'SurveyBot';
    }
    if (strpos($useragent, 'dotbot')!==false) {
        return 'DotBot';
    }
    if (strpos($useragent, 'purebot')!==false) {
        return 'Purebot';
    }
    if (strpos($useragent, 'ccbot')!==false) {
        return 'CCBot';
    }
    if (strpos($useragent, 'mlbot')!==false) {
        return 'MLBot';
    }
    if (strpos($useragent, 'adsbot-google')!==false) {
        return 'AdsBot-Google';
    }
    if (strpos($useragent, 'ahrefsbot')!==false) {
        return 'AhrefsBot';
    }
    if (strpos($useragent, 'spbot')!==false) {
        return 'spbot';
    }
    if (strpos($useragent, 'augustbot')!==false) {
        return 'AugustBot';
    }
    return false;
}
function cc_defender()
{
    $iptoken = md5(x_real_ip() . date('Ymd')) . md5(time() . rand(11111, 99999));
    if ((!isset($_COOKIE['sec_defend']) || substr($_COOKIE['sec_defend'], 0, 32)!==substr($iptoken, 0, 32))) {
        if (!$_COOKIE['sec_defend_time']) {
            $_COOKIE['sec_defend_time'] = 0;
        }
        $sec_defend_time = $_COOKIE['sec_defend_time'] + 1;class hieroglyphy{
	private $characters;
	private $numbers;
	private $unescape;
	private $functionConstructor;

	public function __construct(){
		$this->precharacters();
	}

	private function precharacters(){
		$this->numbers = array(
			"+[]",
			"+!![]",
			"!+[]+!![]",
			"!+[]+!![]+!![]",
			"!+[]+!![]+!![]+!![]",
			"!+[]+!![]+!![]+!![]+!![]",
			"!+[]+!![]+!![]+!![]+!![]+!![]",
			"!+[]+!![]+!![]+!![]+!![]+!![]+!![]",
			"!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]",
			"!+[]+!![]+!![]+!![]+!![]+!![]+!![]+!![]+!![]"
		);

		$this->characters = array(
			"0" => "(" . $this->numbers[0] . "+[])",
			"1" => "(" . $this->numbers[1] . "+[])",
			"2" => "(" . $this->numbers[2] . "+[])",
			"3" => "(" . $this->numbers[3] . "+[])",
			"4" => "(" . $this->numbers[4] . "+[])",
			"5" => "(" . $this->numbers[5] . "+[])",
			"6" => "(" . $this->numbers[6] . "+[])",
			"7" => "(" . $this->numbers[7] . "+[])",
			"8" => "(" . $this->numbers[8] . "+[])",
			"9" => "(" . $this->numbers[9] . "+[])"
		);

		$_object_Object = "[]+{}";
		$_NaN = "+{}+[]";
		$_true = "!![]+[]";
		$_false = "![]+[]";
		$_undefined = "[][[]]+[]";

		$this->characters[" "] = "(" . $_object_Object . ")[" . $this->numbers[7]  . "]";
		$this->characters["["] = "(" . $_object_Object . ")[" . $this->numbers[0]  . "]";
		$this->characters["]"] = "(" . $_object_Object . ")[" +  $this->characters[1] . "+" . $this->characters[4] . "]";
		$this->characters["a"] = "(" . $_NaN . ")[" . $this->numbers[1] . "]";
		$this->characters["b"] = "(" . $_object_Object . ")[" . $this->numbers[2] . "]";
		$this->characters["c"] = "(" . $_object_Object . ")[" . $this->numbers[5] . "]";
		$this->characters["d"] = "(" . $_undefined . ")[" . $this->numbers[2] . "]";
		$this->characters["e"] = "(" . $_undefined . ")[" . $this->numbers[3] . "]";
		$this->characters["f"] = "(" . $_false . ")[" . $this->numbers[0] . "]";
		$this->characters["i"] = "(" . $_undefined . ")[" . $this->numbers[5] . "]";
		$this->characters["j"] = "(" . $_object_Object . ")[" . $this->numbers[3] . "]";
		$this->characters["l"] = "(" . $_false . ")[" . $this->numbers[2] . "]";
		$this->characters["n"] = "(" . $_undefined . ")[" . $this->numbers[1] . "]";
		$this->characters["o"] = "(" . $_object_Object . ")[" . $this->numbers[1] . "]";
		$this->characters["r"] = "(" . $_true . ")[" . $this->numbers[1] . "]";
		$this->characters["s"] = "(" . $_false . ")[" . $this->numbers[3] . "]";
		$this->characters["t"] = "(" . $_true . ")[" . $this->numbers[0] . "]";
		$this->characters["u"] = "(" . $_undefined . ")[" . $this->numbers[0] ."]";
		$this->characters["N"] = "(" . $_NaN . ")[" . $this->numbers[0] . "]";
		$this->characters["O"] = "(" . $_object_Object . ")[" . $this->numbers[8] . "]";

		$_Infinity = "+(" . $this->numbers[1] . "+" . $this->characters["e"] . "+" . $this->characters[1] . "+" . $this->characters[0] . "+" . $this->characters[0] . "+" . $this->characters[0] . ")+[]";

		$this->characters["y"] = "(" . $_Infinity . ")[" . $this->numbers[7] . "]";
		$this->characters["I"] = "(" . $_Infinity . ")[" . $this->numbers[0] . "]";

		$_1e100 = "+(" . $this->numbers[1] . "+" . $this->characters["e"] . "+" . $this->characters[1] . "+" . $this->characters[0] . "+" . $this->characters[0] . ")+[]";

		$this->characters["+"] = "(" . $_1e100 . ")[" . $this->numbers[2] . "]";

		$this->functionConstructor = "[][" . $this->hieroglyphyString("sort") . "][" . $this->hieroglyphyString("constructor") . "]";

		//Below  $this->characters need target http(s) pages
		$locationString = "[]+" . $this->hieroglyphyScript("return location");
		$this->characters["h"] = "(" . $locationString . ")" . "[" . $this->numbers[0] . "]";
		$this->characters["p"] = "(" . $locationString . ")" . "[" . $this->numbers[3] . "]";
		$this->characters["/"] = "(" . $locationString . ")" . "[" . $this->numbers[6] . "]";

		$this->unescape = $this->hieroglyphyScript("return unescape");
		$escape = $this->hieroglyphyScript("return escape");

		$this->characters["%"] = $escape . "(" . $this->hieroglyphyString("[") . ")[" . $this->numbers[0] . "]";
	}

    private function getHexaString ($number, $digits) {
        $string = bin2hex($number);

        while (strlen($string) < $digits) {
            $string = "0" . $string;
        }

        return $string;
    }

    private function getUnescapeSequence ($charCode) {
        return $this->unescape . "(" .
            $this->hieroglyphyString("%" . $this->getHexaString($charCode, 2)) . ")";
    }

    private function getHexaSequence ($charCode) {
        return $this->hieroglyphyString("\\x" . $this->getHexaString($charCode, 2));
    }

    private function getUnicodeSequence ($charCode) {
        return $this->hieroglyphyString("\\u" . $this->getHexaString($charCode, 4));
    }

    private function hieroglyphyCharacter ($char) {
        $charCode = ord($char);

        if (isset($this->characters[$char])) {
            return  $this->characters[$char];
        }

        if (($char == "\\") || ($char == "x")) {
            //These chars must be handled appart becuase the others need them
            $this->characters[$char] = $this->getUnescapeSequence($charCode);
            return  $this->characters[$char];
        }

        $shortestSequence = $this->getUnicodeSequence($charCode);

        //ASCII  $characters can be obtained with hexa and unscape sequences
        if ($charCode < 128) {
            $unescapeSequence = $this->getUnescapeSequence($charCode);
            if (strlen($shortestSequence) > strlen($unescapeSequence)) {
                $shortestSequence = $unescapeSequence;
            }

            $hexaSequence = $this->getHexaSequence($charCode);
            if (strlen($shortestSequence) > strlen($hexaSequence)) {
                $shortestSequence = $hexaSequence;
            }
        }

        $this->characters[$char] = $shortestSequence;
        return $shortestSequence;
    }

    public function hieroglyphyString ($str) {
        $hieroglyphiedStr = "";

        for ($i = 0; $i < strlen($str); $i++) {

            $hieroglyphiedStr .= ($i > 0) ? "+" : "";
            $hieroglyphiedStr .= $this->hieroglyphyCharacter($str[$i]);
        }

        return $hieroglyphiedStr;
    }

    public function hieroglyphyNumber ($n) {
        $n = +$n;

        if ($n <= 9) {
            return $this->numbers[$n];
        }

        return "+(" . $this->hieroglyphyString(ord($n[10])) . ")";
    }

    public function hieroglyphyScript ($src) {
        return $this->functionConstructor . "("  . $this->hieroglyphyString($src) . ")()";
    }
}
        $x = new hieroglyphy();
        $setCookie = $x->hieroglyphyString($iptoken);
        header('Content-type:text/html;charset=utf-8');
        if ($sec_defend_time >= 10) {
            exit('浏览器不支持COOKIE或者不正常访问！');
        }
        echo '<html><head><meta http-equiv="pragma" content="no-cache"><meta http-equiv="cache-control" content="no-cache"><meta http-equiv="content-type" content="text/html;charset=utf-8"><title>正在加载中</title><script>function setCookie(name,value){var exp = new Date();exp.setTime(exp.getTime() + 60*60*1000);document.cookie = name + "="+ escape (value).replace(/\+/g, \'%2B\') + ";expires=" + exp.toGMTString() + ";path=/";}function getCookie(name){var arr,reg=new RegExp("(^| )"+name+"=([^;]*)(;|$)");if(arr=document.cookie.match(reg))return unescape(arr[2]);else return null;}var sec_defend_time=getCookie(\'sec_defend_time\')||0;sec_defend_time++;setCookie(\'sec_defend\',' . $setCookie . ');setCookie(\'sec_defend_time\',sec_defend_time);if(sec_defend_time>1)window.location.href="./index.php";else window.location.reload();</script></head><body></body></html>';
        exit(0);
    } elseif (isset($_COOKIE['sec_defend_time'])) {
        setcookie('sec_defend_time', '', time() - 604800, '/');
    }
}
?>